Secure testing commits - Mar 2005 - r602 - sarge-checks/CAN

Author: jmm-guest
Date: 2005-03-21 21:37:37 +0100 (Mon, 21 Mar 2005)
New Revision: 602

Modified:
   sarge-checks/CAN/list
Log:
More entries not affecting Debian.


Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list	2005-03-21 20:14:19 UTC (rev 601)
+++ sarge-checks/CAN/list	2005-03-21 20:37:37 UTC (rev 602)
@@ -3,17 +3,17 @@
 CAN-2005-XXXX
 	ltris (unfixed; bug #291620)
 CAN-2005-0823 (ThePoolClub (1) iPool and (2) iSnooker 1.6.81 and earlier stores
...)
-	TODO: check
+	NOTE: not-for-us (iSnooker)
 CAN-2005-0822 (Citrix Metaframe Password Manager 2.5 and earlier stores a
password in ...)
-	TODO: check
+	NOTE: not-for-us (Citrix)
 CAN-2005-0821 (Unknown vulnerability in Citrix MetaFrame Conferencing Manager
3.0 ...)
-	TODO: check
+	NOTE: not-for-us (Citrix)
 CAN-2005-0820 (Microsoft Office InfoPath 2003 SP1 includes sensitive
information in ...)
 	NOTE: not-for-us (MS Office)
 CAN-2005-0819 (The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote
...)
-	TODO: check
+	NOTE: not-for-us (Novell Netware)
 CAN-2005-0818 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows
remote ...)
-	TODO: check
+	NOTE: not-for-us (Pun BB)
 CAN-2005-0817 (Unknown vulnerability in the DNSd proxy, as used in Symantec
Gateway ...)
 	TODO: check
 CAN-2005-0816 (Buffer overflow in newgrp in Solaris 7 through 9 allows local
users to ...)
@@ -43,9 +43,9 @@
 CAN-2005-0804 (Format string vulnerability in MailEnable 1.8 allows remote
attackers ...)
 	TODO: check
 CAN-2005-0803 (The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows
2000 ...)
-	TODO: check
+	NOTE: not-for-us (Windows)
 CAN-2005-0802 (Cross-site scripting (XSS) vulnerability in search.asp in ACS
Blog 0.8 ...)
-	TODO: check
+	NOTE: not-for-us (ACS Blog)
 CAN-2005-0801 (Directory traversal vulnerability in includer.cgi in The
Includer ...)
 	TODO: check
 CAN-2005-0800 (PHP remote code injection vulnerability in install.php in mcNews
1.3 ...)
@@ -59,7 +59,7 @@
 CAN-2005-0796 (Directory traversal vulnerability in HolaCMS 1.4.9-1 allows
remote ...)
 	TODO: check
 CAN-2005-0795 (HolaCMS 1.4.9 does not restrict file access to the holaDB/votes
...)
-	TODO: check
+	NOTE: not-for-us (Hola CMS)
 CAN-2005-0794 (ZPanel 2.0 and 2.5 beta 10 does not remove or protect
installation ...)
 	NOTE: not-for-us (ZPanel not in Debian)
 CAN-2005-0793 (PHP remote code injection vulnerability in zpanel.php in ZPanel
allows ...)